Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/hedoD55VFN9FAb0HgxtugYLDuXY.roa
File: hedoD55VFN9FAb0HgxtugYLDuXY.roa (raw, json)
Hash identifier: tbwzK+TwQQafMU/ftxURHtfhfBZAvIB+uOEhDtxoey8=
Subject key identifier: 85:E7:68:0F:9E:55:14:DF:45:01:BD:07:83:1B:6E:81:82:C3:B9:76
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 018CC8030F31B4C788F986B071F9B3EF9A1F
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/hedoD55VFN9FAb0HgxtugYLDuXY.roa
Signing time: Tue 02 Jan 2024 02:31:32 +0000
ROA not before: Tue 02 Jan 2024 02:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 188.190.26.0/24 maxlen: 24
188.190.25.0/24 maxlen: 24
188.190.30.0/24 maxlen: 24
188.190.29.0/24 maxlen: 24
188.190.28.0/24 maxlen: 24
188.190.27.0/24 maxlen: 24
188.190.31.0/24 maxlen: 24
188.190.2.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.0.0/24 maxlen: 24
188.190.4.0/24 maxlen: 24
188.190.3.0/24 maxlen: 24
188.190.9.0/24 maxlen: 24
188.190.8.0/24 maxlen: 24
188.190.7.0/24 maxlen: 24
188.190.11.0/24 maxlen: 24
188.190.10.0/24 maxlen: 24
188.190.6.0/24 maxlen: 24
188.190.5.0/24 maxlen: 24
188.190.13.0/24 maxlen: 24
188.190.12.0/24 maxlen: 24
188.190.16.0/24 maxlen: 24
188.190.15.0/24 maxlen: 24
188.190.14.0/24 maxlen: 24
188.190.17.0/24 maxlen: 24
188.190.23.0/24 maxlen: 24
188.190.22.0/24 maxlen: 24
188.190.21.0/24 maxlen: 24
188.190.24.0/24 maxlen: 24
188.190.20.0/24 maxlen: 24
188.190.19.0/24 maxlen: 24
188.190.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 13:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:0f:31:b4:c7:88:f9:86:b0:71:f9:b3:ef:9a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Jan 2 02:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85e7680f9e5514df4501bd07831b6e8182c3b976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:86:7b:dc:47:07:47:3b:be:13:a1:bc:b9:
c0:1f:9d:74:83:36:57:eb:5a:66:1b:76:76:db:49:
4c:7c:8d:c8:9d:0f:d8:e3:5a:64:fd:1d:e8:8a:54:
0f:8b:1f:12:5a:2b:f1:79:5f:6d:7f:eb:0f:93:25:
6e:63:d0:71:de:87:e2:10:98:bc:bb:ac:22:0e:ce:
40:ba:0f:d0:2d:83:fd:02:72:8b:62:63:a0:2d:c8:
c7:94:e7:f7:bf:24:fc:09:f7:e8:ad:d0:af:4d:b4:
29:89:d2:04:08:af:37:73:00:c5:48:9f:d7:4d:cf:
96:46:3f:f7:05:16:86:d5:8c:57:23:02:e7:3a:6b:
c6:3c:53:6d:6b:76:74:5e:7b:40:b7:fe:10:0a:35:
72:3a:13:2a:2f:4e:e0:c8:81:4e:e1:23:3b:16:2d:
db:d6:a0:c7:14:cc:77:34:65:50:94:14:e3:09:81:
61:d2:04:32:0c:c4:89:9f:c1:17:a5:40:e0:5e:83:
4c:50:63:29:be:3f:04:1a:d5:44:a1:65:c1:40:62:
23:5b:b8:c1:67:57:06:18:8f:de:1e:a1:e1:98:21:
53:44:07:77:aa:c9:ec:a1:49:9c:7a:86:31:1f:2f:
83:e3:dd:03:73:d5:92:a6:2e:b4:3d:06:f5:b2:68:
34:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E7:68:0F:9E:55:14:DF:45:01:BD:07:83:1B:6E:81:82:C3:B9:76
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/hedoD55VFN9FAb0HgxtugYLDuXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b4:be:2d:7f:5b:b8:3d:19:c9:63:cf:dc:2f:83:cb:07:d7:c5:
c7:92:fb:5e:4c:26:0e:f6:54:42:c0:08:0a:b2:28:9a:dc:18:
0b:9d:49:9b:f5:36:50:a4:82:db:3a:28:10:59:d4:82:9e:b5:
27:9c:a9:75:d3:84:56:a8:e3:bb:27:99:b0:cc:ec:7e:39:b7:
97:a4:19:24:86:e4:78:a1:98:05:b4:0e:19:a3:05:07:ac:e6:
10:72:c3:0e:96:6a:d4:5d:0c:7b:f3:c1:c8:46:e7:df:9e:11:
7b:fc:bc:96:21:38:d3:74:9a:ab:a1:c7:3b:db:49:61:1f:56:
41:0d:8b:58:dc:08:1f:f6:8f:a6:f7:6e:60:75:5a:d8:36:cd:
77:3b:bb:6c:e0:ac:a9:28:22:aa:5b:2e:fd:57:a1:5b:cb:d1:
66:e9:36:19:aa:86:ec:a2:92:23:5f:4c:59:ee:8a:13:5d:ab:
23:61:54:ec:2f:af:76:bd:c3:31:7d:cb:94:ae:cd:d9:ba:87:
f8:b3:8d:40:25:cb:ee:83:15:4c:ef:c0:a1:2a:bc:d1:40:44:
72:1b:f9:38:2e:0d:ab:08:f4:3c:47:5f:96:f0:65:23:1e:54:
c7:48:51:35:98:0b:c7:ad:19:66:f0:bd:6c:29:34:21:82:c9:
16:77:b2:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAw8xtMeI+Yawcfmz75ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjQwMTAyMDIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWU3NjgwZjllNTUxNGRmNDUwMWJkMDc4MzFiNmU4MTgyYzNiOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrmGe9xHB0c7vhOhvLnAH510gzZX
61pmG3Z220lMfI3InQ/Y41pk/R3oilQPix8SWivxeV9tf+sPkyVuY9Bx3ofiEJi8
u6wiDs5Aug/QLYP9AnKLYmOgLcjHlOf3vyT8CffordCvTbQpidIECK83cwDFSJ/X
Tc+WRj/3BRaG1YxXIwLnOmvGPFNta3Z0XntAt/4QCjVyOhMqL07gyIFO4SM7Fi3b
1qDHFMx3NGVQlBTjCYFh0gQyDMSJn8EXpUDgXoNMUGMpvj8EGtVEoWXBQGIjW7jB
Z1cGGI/eHqHhmCFTRAd3qsnsoUmceoYxHy+D490Dc9WSpi60PQb1smg0IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXnaA+eVRTfRQG9B4MbboGCw7l2MB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvaGVkb0Q1NVZGTjlGQWIwSGd4dHVnWUxEdVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvL4AMA0G
CSqGSIb3DQEBCwUAA4IBAQC0vi1/W7g9Gcljz9wvg8sH18XHkvteTCYO9lRCwAgK
siia3BgLnUmb9TZQpILbOigQWdSCnrUnnKl104RWqOO7J5mwzOx+ObeXpBkkhuR4
oZgFtA4ZowUHrOYQcsMOlmrUXQx788HIRuffnhF7/LyWITjTdJqrocc720lhH1ZB
DYtY3Agf9o+m925gdVrYNs13O7ts4KypKCKqWy79V6Fby9Fm6TYZqobsopIjX0xZ
7ooTXasjYVTsL692vcMxfcuUrs3Zuof4s41AJcvugxVM78ChKrzRQERyG/k4Lg2r
CPQ8R1+W8GUjHlTHSFE1mAvHrRlm8L1sKTQhgskWd7Kk
-----END CERTIFICATE-----
Generated at Thu May 30 20:41:59 2024 by rpki-client on console-fra.rpki-client.org